PT-2026-3480 · Movary · Movary
Mbiesiad
·
Published
2026-01-19
·
Updated
2026-01-20
·
CVE-2026-23839
CVSS v3.1
9.3
Critical
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Movary versions prior to 0.70.0
Description
Movary is a web application used to track and rate movie watch history. Insufficient input validation allows attackers to trigger cross-site scripting payloads. The vulnerable parameter is
categoryUpdated.Recommendations
Versions prior to 0.70.0 should be updated to version 0.70.0.
Exploit
Fix
XSS
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Movary